Submitted URL: http://fantasyorangedesktop.click/
Effective URL: https://fantasyorangedesktop.click/
Submission: On June 23 via api from BE — Scanned from JP

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 31 HTTP transactions. The main IP is 202.172.28.190, which is located in Japan and belongs to DIGIROCK DigiRock, Inc., JP. The main domain is fantasyorangedesktop.click.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time fantasyorangedesktop.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 202.172.28.190 37907 (DIGIROCK ...)
1 2404:6800:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
5 23.193.119.200 20940 (AKAMAI-ASN1)
2 35.77.215.101 16509 (AMAZON-02)
2 20.114.189.135 8075 (MICROSOFT...)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
31 9
Apex Domain | Subdomains | Transfer
16 fantasyorangedesktop.click | fantasyorangedesktop.click | 182 KB
6 clarity.ms | www.clarity.ms — Cisco Umbrella Rank: 743; v.clarity.ms — Cisco Umbrella Rank: 7632; c.clarity.ms — Cisco Umbrella Rank: 1434 | 28 KB
5 tiktok.com | analytics.tiktok.com — Cisco Umbrella Rank: 787 | 140 KB
2 trictrac.jp | ac.trictrac.jp | 5 KB
1 bing.com | c.bing.com — Cisco Umbrella Rank: 224 | 762 B
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 381 | 4 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 | 4 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 469 | 34 KB
31 8
Domain | Requested by
16 fantasyorangedesktop.click | fantasyorangedesktop.click
5 analytics.tiktok.com | fantasyorangedesktop.click; analytics.tiktok.com
2 c.clarity.ms | 1 redirects
2 v.clarity.ms | www.clarity.ms; analytics.tiktok.com
2 ac.trictrac.jp | fantasyorangedesktop.click; ac.trictrac.jp
2 www.clarity.ms | fantasyorangedesktop.click; www.clarity.ms
1 c.bing.com | 1 redirects
1 cdn.jsdelivr.net | fantasyorangedesktop.click
1 cdnjs.cloudflare.com | fantasyorangedesktop.click
1 ajax.googleapis.com | fantasyorangedesktop.click
31 10

This site contains links to these domains.

Domain
ja.wordpress.org
Subject | Issuer | Validity | Valid
fantasyorangedesktop.click | R3 | 2024-05-24 - 2024-08-22 | 3 months
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year
8.trictrac.jp | R3 | 2024-05-20 - 2024-08-18 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months

This page contains 1 frames:

Primary Page: https://fantasyorangedesktop.click/
Frame ID: FAA423843DB75A47C8D27C697BB11002
Requests: 31 HTTP requests in this frame

Page Title

fantasyorangedesktop | Just another WordPress site

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

31 Requests
97 % HTTPS
40 % IPv6
8 Domains
10 Subdomains
9 IPs
5 Countries
397 kB Transfer
1263 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fantasyorangedesktop.click/ HTTP 307
    https://fantasyorangedesktop.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=56222F1A441141C08602B462D6244058&RedC=c.clarity.ms&MXFR=280B7296D2696E7B3C786631D66960C8 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56222F1A441141C08602B462D6244058&MUID=19071F09E3316A75119E0BAEE2DB6BF6

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fantasyorangedesktop.click/
Redirect Chain
  • http://fantasyorangedesktop.click/
  • https://fantasyorangedesktop.click/
111 KB
15 KB
Document
General
Full URL
https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
ed8750f431eb094b9635228f6beeba2ad67baa1724091f6300f37941c5a7d860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 05:32:39 GMT
link
<https://fantasyorangedesktop.click/wp-json/>; rel="https://api.w.org/"
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent

Redirect headers

Location
https://fantasyorangedesktop.click/
Non-Authoritative-Reason
HttpsUpgrades
style.css
fantasyorangedesktop.click/wp-content/themes/cocoon-master/
210 KB
37 KB
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/style.css?ver=6.5.4&fver=20240524075447
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
7723cd2da63deea507273f55e50c6a46496e2bc4549b8ebc83a7087c0459765d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"3484f-6192e7b47409e-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
38195
keyframes.css
fantasyorangedesktop.click/wp-content/themes/cocoon-master/
292 B
202 B
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/keyframes.css?ver=6.5.4&fver=20240524075447
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"124-6192e7b43e540-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
124
font-awesome.min.css
fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/fontawesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.5.4&fver=20240524075447
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"792a-6192e7b478ebe-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
7059
style.css
fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/icomoon/
3 KB
891 B
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.5.4&fver=20240524075448
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:48 GMT
server
Apache
etag
"c02-6192e7b4cbedc-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
813
style.css
fantasyorangedesktop.click/wp-content/themes/cocoon-child-master/
845 B
475 B
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-child-master/style.css?ver=6.5.4&fver=20240524075515
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
7190dc8908e544de22a4b30cd549f2798dfe53643409cd48e40cd2f32672f72b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:55:15 GMT
server
Apache
etag
"34d-6192e7ce966e0-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
385
keyframes.css
fantasyorangedesktop.click/wp-content/themes/cocoon-child-master/
130 B
190 B
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.5.4&fver=20240524075515
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:55:15 GMT
server
Apache
etag
"82-6192e7ce95740-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
136
style.min.css
fantasyorangedesktop.click/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://fantasyorangedesktop.click/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4&fver=20240524075348
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:53:48 GMT
server
Apache
etag
"1bae5-6192e77c70480-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
14991
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jun 2025 20:02:57 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
300262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxsl1nyDiLuLkWb%2BuIuNsQ8sxFveZZpu%2BflfQL2ZwecRjsYC%2B76IEFDYxUY3sRCCz%2F6Y%2FogXFISDkeTNGqkhG0EgdnOLCdeOMDAGrMKOGoDZNqTL8PTP6t%2FHDv%2BmpDbOKdmEw9Zy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8982194cf8e48a4a-NRT
expires
Fri, 13 Jun 2025 05:32:39 GMT
icomoon.woff
fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/
12 KB
12 KB
Font
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Origin
https://fantasyorangedesktop.click
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:48 GMT
server
Apache
etag
"3124-6192e7b4cbedc"
vary
User-Agent
content-type
font/woff
accept-ranges
bytes
content-length
12580
icomoon.ttf
fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/
12 KB
12 KB
Font
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Origin
https://fantasyorangedesktop.click
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:48 GMT
server
Apache
etag
"30d4-6192e7b4cbedc"
vary
User-Agent
content-type
font/ttf
accept-ranges
bytes
content-length
12500
fontawesome-webfont.woff2
fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/
75 KB
75 KB
Font
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Origin
https://fantasyorangedesktop.click
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"12d68-6192e7b47bd9e"
vary
User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
77160
no-image-320.png
fantasyorangedesktop.click/wp-content/themes/cocoon-master/images/
739 B
796 B
Image
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/images/no-image-320.png
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
cae69e643674ce071a2b636b10b21583a97e9fc958a8f5a21c14d3aff49790b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"2e3-6192e7b43d5a0"
content-type
image/png
accept-ranges
bytes
content-length
739
stickyfill.min.js
fantasyorangedesktop.click/wp-content/themes/cocoon-master/plugins/stickyfill/dist/
6 KB
2 KB
Script
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.5.4&fver=20240524075447
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"17fb-6192e7b457b7f-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2212
javascript.js
fantasyorangedesktop.click/wp-content/themes/cocoon-master/
7 KB
3 KB
Script
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/javascript.js?ver=6.5.4&fver=20240524075447
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
747b1267a565fe7bb5846ded293c55cd535b012a62920d6e37eaf9d97b478081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"1b68-6192e7b43e540-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2590
javascript.js
fantasyorangedesktop.click/wp-content/themes/cocoon-child-master/
298 B
265 B
Script
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-child-master/javascript.js?ver=6.5.4&fver=20240524075515
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Fri, 24 May 2024 07:55:15 GMT
server
Apache
etag
"12a-6192e7ce95740-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
212
clipboard.min.js
cdn.jsdelivr.net/clipboard.js/1.5.13/
10 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 23 Jun 2024 05:32:39 GMT
age
2269071
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3670
x-served-by
cache-fra-etou8220116-FRA, cache-nrt-rjtf7700024-NRT
etag
W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
mvubyjp7jq
www.clarity.ms/tag/
637 B
1002 B
Script
General
Full URL
https://www.clarity.ms/tag/mvubyjp7jq
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bcd519831b17d25c86625880cea4b54b575c153cb094655eab37b07c035cb25a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sun, 23 Jun 2024 05:32:40 GMT
x-azure-ref
20240623T053239Z-15c9b5b99fdj47rz98sqn2h498000000043g000000001pk9
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP5O3U3C77U6AE4R5LSG&lib=ttq
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.200 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3872a194a6523223ccd7e84a22ef5cd22eb0c412d1a89702dcf845b4d07f14f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
2af0a7cb
date
Sun, 23 Jun 2024 05:32:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406230532406BA929C3CA835FC28DF3-49F714B9EC70B6EE-00
x-cache
TCP_MISS from a23-213-31-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=28, cdn-cache; desc=MISS, edge; dur=0, origin; dur=188
content-length
1496
pragma
no-cache
server
nginx
x-tt-logid
202406230532406BA929C3CA835FC28DF3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
188,23.213.31.8
x-tt-trace-host
013009938b169d480cf433a6ba676e893835f8e3026a917163952c5be1110806ea28bd55cc0cec52f09662378c9af6b52d5fbcce8c4e76a659da231551da73e84c0ff280f4b7e90469fcb11a043570cee33369081cde4753877568fbb3e01b3d29
expires
Sun, 23 Jun 2024 05:32:40 GMT
cookie_js.php
ac.trictrac.jp/fpc/
13 KB
4 KB
Script
General
Full URL
https://ac.trictrac.jp/fpc/cookie_js.php?scriptId=afadfpc-142di20016f673b2gid144-1719120759890
Requested by
Host: fantasyorangedesktop.click
URL: https://fantasyorangedesktop.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.77.215.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-77-215-101.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
496d57c3fa839b62b110d9b7aac6a07f0fb102b503259a574866d3120c9280ee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:32:40 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=UTF-8
param.min.js
ac.trictrac.jp/fpc/
3 KB
1 KB
Script
General
Full URL
https://ac.trictrac.jp/fpc/param.min.js
Requested by
Host: ac.trictrac.jp
URL: https://ac.trictrac.jp/fpc/cookie_js.php?scriptId=afadfpc-142di20016f673b2gid144-1719120759890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.77.215.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-77-215-101.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3423e49b6bcf911e94d5b7210dc76d1c0c2ce727918baab8c589fe7c8979c2dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:32:40 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 03:57:11 GMT
server
nginx
etag
W/"64b8b097-dcf"
content-type
application/javascript
clarity.js
www.clarity.ms/s/0.7.34/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mvubyjp7jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 05:32:40 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240623T053240Z-15c9b5b99fdj47rz98sqn2h498000000043g000000001pm5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4975316b-c01e-0014-7f29-c366b4000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
main.MTU0NDc1MDUxMA.js
analytics.tiktok.com/i18n/pixel/static/
339 KB
98 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP5O3U3C77U6AE4R5LSG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.200 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
2af0ac96
date
Sun, 23 Jun 2024 05:32:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240620151352045FE519E6AAA38A77F3
x-tt-trace-id
00-240620151352045FE519E6AAA38A77F3-465CB14642CE34F4-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-31-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0145cc4686b235f5810f3407530fa5953d8b144abdeea81740459318acd6739a9f5f7884c3832bc644841b140974560c065e3cc7931924a6f1760766a083a1da6507cac6351c370414a191d98be70a68d836d160f9e304244f183e3fa2878c96c5
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
content-length
99240
collect
v.clarity.ms/
0
290 B
XHR
General
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://fantasyorangedesktop.click
Date
Sun, 23 Jun 2024 05:32:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.200 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
2af0adb1
date
Sun, 23 Jun 2024 05:32:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240521140001B7FDF0A723932E474398
x-tt-trace-id
00-240521140001B7FDF0A723932E474398-64883D8A4E6B77E5-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-31-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010defb65f22ba89431bd64cf168731b9130fee203b45a88f72a729ff3785f4fb05a5f81ca7753ad1b430674566ec3df481e1249ea21615b46a95ea27d7241ea499011503e4ce907c3e56963f853fb2b22e7f077874b3cbcd2731ed141f1ed4744
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
39560
pixel
analytics.tiktok.com/api/v2/
0
843 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.200 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
af9d457.2af0ae60
date
Sun, 23 Jun 2024 05:32:40 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240623053240448FB3CF409571BDA8A8-3EBFD77E36C3272E-00
x-cache
TCP_MISS from a23-213-31-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
179,23.213.31.8
server-timing
cdn-cache; desc=MISS, edge; dur=157, origin; dur=29, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240623053240448FB3CF409571BDA8A8
x-cache-remote
TCP_MISS from a23-218-222-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.218.222.68
x-tt-trace-host
013009938b169d480cf433a6ba676e89380b7c2abdb0c744b4739259a88bd5bbbf32dbfedfc3c023d84e08a89aac03c2ddf820eb15795973296c9b0d7e3abed833d594fbb04dfef2e2a14df5de86020453b1df466c14b1db4ae664a8febd54e010a8855e10813b60197f5d9eeb8148770e
access-control-allow-headers
Authorization,*
expires
Sun, 23 Jun 2024 05:32:40 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=56222F1A441141C08602B462D6244058&RedC=c.clarity.ms&MXFR=280B7296D2696E7B3C786631D66960C8
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56222F1A441141C08602B462D6244058&MUID=19071F09E3316A75119E0BAEE2DB6BF6
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56222F1A441141C08602B462D6244058&MUID=19071F09E3316A75119E0BAEE2DB6BF6
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://fantasyorangedesktop.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jun 2024 05:32:39 GMT
last-modified
Thu, 20 Jun 2024 17:32:12 GMT
server
Microsoft-IIS/10.0
etag
"1b2b37c937c3da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 23 Jun 2024 05:32:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28A1E3ABF0A340659965F6E01ED009CD Ref B: TYAEDGE0921 Ref C: 2024-06-23T05:32:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=56222F1A441141C08602B462D6244058&MUID=19071F09E3316A75119E0BAEE2DB6BF6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
site-icon32x32.png
fantasyorangedesktop.click/wp-content/themes/cocoon-master/images/
352 B
424 B
Other
General
Full URL
https://fantasyorangedesktop.click/wp-content/themes/cocoon-master/images/site-icon32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.172.28.190 , Japan, ASN37907 (DIGIROCK DigiRock, Inc., JP),
Reverse DNS
s189.coreserver.jp
Software
Apache /
Resource Hash
0447f3f4254d02cdfa99c216e0e78e038ddd26a81aa434510f357ab10cbf4f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 05:32:40 GMT
last-modified
Fri, 24 May 2024 07:54:47 GMT
server
Apache
etag
"160-6192e7b43e540"
content-type
image/png
accept-ranges
bytes
content-length
352
act
analytics.tiktok.com/api/v2/pixel/
0
701 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.200 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2af0b4c1
date
Sun, 23 Jun 2024 05:32:41 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240623053240ABEDE935AD281EBDA7AF-412195942F30888D-00
x-cache
TCP_MISS from a23-213-31-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=271, cdn-cache; desc=MISS, edge; dur=8, origin; dur=435
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240623053240ABEDE935AD281EBDA7AF
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
435,23.213.31.8
x-tt-trace-host
013009938b169d480cf433a6ba676e893835f8e3026a917163952c5be1110806eac0bd36c3dc3ef19086558fa1bda3040dd528050aa5ab790bf7c000ecc44045a0dfef9e666e1ab917bfae8f1d33355889f7397e66fe810d259edf81fa3a449e8e
access-control-allow-headers
Authorization,*
expires
Sun, 23 Jun 2024 05:32:41 GMT
collect
v.clarity.ms/
0
290 B
XHR
General
Full URL
https://v.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://fantasyorangedesktop.click/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://fantasyorangedesktop.click
Date
Sun, 23 Jun 2024 05:32:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
function| $
function| jQuery
function| clarity
string| TiktokAnalyticsObject
object| ttq
object| Stickyfill
object| cocoon_localize_script_options
object| jQuery112409587135936987374
string| selector
string| uqid
function| _createClass
function| _classCallCheck
function| fpcCookie
function| LineFriends
object| afadfpc142di20016f673b2gid1441719120759890
function| fpcParam
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
function| TiktokJelly
object| _jelly_sdks

13 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 10202897ff4f434aa7df2b4ad9926f64.20240623.20250623
.fantasyorangedesktop.click/ Name: _clck
Value: j8im8o%7C2%7Cfmv%7C0%7C1635
.tiktok.com/ Name: _ttp
Value: 2iGdHWee4wqqeEaOvX8VJQvhHeC
.fantasyorangedesktop.click/ Name: _tt_enable_cookie
Value: 1
.fantasyorangedesktop.click/ Name: _ttp
Value: WPA68Ht3kCHlvkpBoB0FwjyqLc6
.bing.com/ Name: MUID
Value: 19071F09E3316A75119E0BAEE2DB6BF6
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 19071F09E3316A75119E0BAEE2DB6BF6
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 19071F09E3316A75119E0BAEE2DB6BF6
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.fantasyorangedesktop.click/ Name: _clsk
Value: 1l9temw%7C1719120761020%7C1%7C1%7Cv.clarity.ms%2Fcollect

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
